Fuzz testing

Fuzz testing provides pseudo-random data as the input to code, running until a fatal error is encountered or a time or iteration limit is reached. Fuzz testing can detect potential security and/or stability issues in your Rust code.

Shapes generated by smithy4rs support fuzzing with the cargo-fuzz rust fuzzing framework.

Structure-Aware fuzzing with `smithy4rs`

To use generated shapes for structure-aware fuzzing, enable the arbitrary feature for smithy4rs-core and add the arbitrary crate as a dependency.

# cargo.toml 

[dependencies]
# other deps...
smithy4rs-core = { version = "0.0.1", features = ["arbitrary"] }
arbitrary = { version = "1.4.2", default-features = false }

Now, use a generated shape as the input to your fuzz target:

#![allow(unused)]
fn main() {
fuzz_target!(|data: MyGeneratedStruct| {
    // Code to fuzz...
});
}

And that's it! Run cargo fuzz to execute any fuzz tests.

Unvalidated inputs

Using a generated Smithy structure for structure-aware fuzzing will always provide your fuzzed code with a structure validated by the DefaultValidator.

If you would like to generate invalid structures or use a custom validator for your fuzzed structures, the ShapeBuilder for a generated structure shape can also be used as an input to a fuzz_target closure. Such builders have not been validated and so, can be used to create invalid/custom-validated structures.

smithy4rs: Smithy codegen for Rust (unofficial)

Fuzz testing

Structure-Aware fuzzing with smithy4rs

Unvalidated inputs

Structure-Aware fuzzing with `smithy4rs`